You appear to be offline. Some site functionality may not work.

TLS 1.2-only delivery is now available

By  Sean Leach, SVP of Product, June 30, 2016 in Security

In February of this year, we announced our revised deprecation plan for TLS 1.0 and 1.1. As part of that plan, we promised to provide customers who wish to enforce stricter security requirements an opportunity to migrate to hosts that only support TLS connections via the TLS 1.2 protocol ahead of our planned deprecation schedule for the rest of the network. We’re happy to announce that you can now request migration to these TLS 1.2-only hosts if you’ve purchased a paid TLS option.

If you’re currently using our shared SAN or wildcard SAN options, we will add your domains to a certificate on a new TLS 1.2-only host. You’ll then need to modify your CNAME and Anycast (if applicable) DNS records to point to this new host. (We will leave the domain on both certificates during the migration period so traffic is not interrupted.)

If you’re using our customer certificate hosting option, we can disable TLS 1.0 and 1.1 on request with no further action on your part.

Keep in mind that, while TLS 1.2 is supported in all modern browsers, removing support for TLS 1.0 and 1.1 may prevent some older browsers from reaching your site over TLS.  A great breakdown of which browsers support which version of TLS is here.

If you'd like to migrate to TLS 1.2-only, or have any questions about the process, please contact our team and we'll be happy to help.


You may also like:

Subscribe to our newsletter

Sponsoring the Tor project with content delivery services

Fastly has historically supported many open source projects. We’re happy to announce that Fastly now provides sponsored Content Delivery for the Tor Project. TorBrowser updates are served over the Fastly network, taking...

Lean Threat Intelligence Part 3: Battling log absurdity with Kafka

In “Lean Threat Intelligence Part 2: The foundation,” we explained how we built our log management system, Graylog, using Chef. Next, we’ll cover how we created a message pipeline that allows us to route messages…

Recapping our second Fastly Security Speaker Series

On May 25, we had over 50 security researchers and engineers from the Bay Area and beyond in our San Francisco office for our recurring Fastly Security Speaker Series. This event focused on hardware security,…


Sean Leach | SVP of Product

Sean is SVP of Product at Fastly, where he is responsible for the Fastly product roadmap definition and execution. His current research focus is on DNS, DDoS, web/network performance, internet infrastructure, and combating the massive Internet security epidemic.